Mathias P.W Nilsson wrote:
[...]
From the questions and answers ping-pong here, I get the impression
that you are trying to square the circle, and either bump into a Tomcat
issue or a Hibernate one (whatever that is).
Summary :
- for some reason I don't know nor would understand, you want only one
instance of this Hibernate to start, and that can only be the case if
you have a single Host.
- but you also want to be able to access this through 3 distinct IP
addresses, (not that I really understand HTTPS either but) because this
is HTTPS and HTTPS requires 3 different IP addresses for your 3
certificates.
- in Tomcat, different server IP addresses are handled at the Connector
level. But each Connector is linked to one Engine..
and there I am getting lost..
(although I believe you can have 3 Connectors for one Engine containing
one Host, and the one Host does not give a damn which name it's called
through as long as it is the default Host, but since I'm not on solid
ground there, I'll skip that discussion..)
But .. I have an alternative scenario for you :
Imagine you have one Apache httpd server front-end, set up to handle 3
different IP addresses with HTTPS. That should work, with IP-based
Virtual Hosts.
So these Apache Hosts handle the HTTPS part (certificates, decrypting
and such), and now inside each of these Apache Hosts we have things back
in clear (unencrypted).
Now each of these 3 Apache Virtual Hosts has a mod_jk Apache/Tomcat
connector, connecting to ... a single Tomcat back-end, with a single
Connector, a single Engine and a single Host (with no HTTPS needed),
under which you start a single Hibernate, et voila !
The Apache/mod_jk will nicely pass all (decrypted) headers to your
Tomcat back-end, where of course now it belongs to you to analyse the
"Host:" header to figure out which alias the original Client really
wanted to talk to.
You can also do all kinds of neat tricks with mod_rewrite, mod_headers,
mod_setenvif, mod_proxy, mod_auth_xxx and so on on the Apache side
before you even let Tomcat and Hibernate see anything at all of the
request. Even change the "Host:" header if you are so inclined.
The above will of course all work nicely on one machine, so the
Apache's/Tomcat connection is perfectly safe and maybe you do not need
to be concerned about HTTPS and authentication and all that stuff at all
on the Tomcat side. But even if you were to need this, the Apache hosts
can also pass on to Tomcat all the HTTPS stuff and you can still bother
with it if you want.
This sounds way too simple, there must be a snag somewhere.
But Apache httpd being a cousin of Apache Tomcat, at least the gurus on
this list will have to be polite when shooting down the solution.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
